CVE-2021-22946

A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response.This flaw would then make curl silently continue its operations **withoutTLS** contrary to the instructions and expectations, exposing possibly sensitive data in clear text over the network.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
Affected Products (NVD)
VendorProductVersion
haxxcurl
7.20.0 ≤
𝑥
< 7.79.0
debiandebian_linux
9.0
debiandebian_linux
10.0
debiandebian_linux
11.0
netappcloud_backup
-
netappclustered_data_ontap
-
netapponcommand_insight
-
netapponcommand_workflow_automation
-
netappsnapcenter
-
netapph300s_firmware
-
netapph500s_firmware
-
netapph700s_firmware
-
netapph300e_firmware
-
netapph500e_firmware
-
netapph700e_firmware
-
netapph410s_firmware
-
netappsolidfire_baseboard_management_controller_firmware
-
oraclecommunications_cloud_native_core_binding_support_function
1.11.0
oraclecommunications_cloud_native_core_network_function_cloud_native_environment
1.10.0
oraclecommunications_cloud_native_core_network_repository_function
1.15.0
oraclecommunications_cloud_native_core_network_repository_function
1.15.1
oraclecommunications_cloud_native_core_network_slice_selection_function
1.8.0
oraclecommunications_cloud_native_core_service_communication_proxy
1.15.0
oraclemysql_server
5.7.0 ≤
𝑥
≤ 5.7.35
oraclemysql_server
8.0.0 ≤
𝑥
≤ 8.0.26
oraclepeoplesoft_enterprise_peopletools
8.57
oraclepeoplesoft_enterprise_peopletools
8.58
oraclepeoplesoft_enterprise_peopletools
8.59
applemacos
𝑥
< 12.3
siemenssinec_infrastructure_network_services
𝑥
< 1.0.1.1
oraclecommerce_guided_search
11.3.2
oraclecommunications_cloud_native_core_binding_support_function
22.1.3
oraclecommunications_cloud_native_core_console
22.2.0
oraclecommunications_cloud_native_core_network_repository_function
22.1.0
oraclecommunications_cloud_native_core_network_repository_function
22.2.0
oraclecommunications_cloud_native_core_security_edge_protection_proxy
22.1.1
splunkuniversal_forwarder
8.2.0 ≤
𝑥
< 8.2.12
splunkuniversal_forwarder
9.0.0 ≤
𝑥
< 9.0.6
splunkuniversal_forwarder
9.1.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
curl
bookworm
7.88.1-10+deb12u7
fixed
bookworm (security)
7.88.1-10+deb12u5
fixed
bullseye
7.74.0-1.3+deb11u13
fixed
bullseye (security)
7.74.0-1.3+deb11u11
fixed
sid
8.10.1-2
fixed
trixie
8.10.1-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
curl
bionic
Fixed 7.58.0-2ubuntu3.15
released
focal
Fixed 7.68.0-1ubuntu2.7
released
hirsute
Fixed 7.74.0-1ubuntu2.3
released
impish
Fixed 7.74.0-1.3ubuntu2
released
jammy
Fixed 7.74.0-1.3ubuntu2
released
trusty
Fixed 7.35.0-1ubuntu2.20+esm8
released
xenial
Fixed 7.47.0-1ubuntu2.19+esm1
released
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
curl
suse enterprise desktop 15 SP2
7.66.0-4.27.1
fixed
suse enterprise desktop 15 SP3
7.66.0-4.27.1
fixed
suse enterprise desktop 15 SP4
7.79.1-150400.3.1
fixed
suse enterprise desktop 15 SP5
8.0.1-150400.5.23.1
fixed
suse enterprise desktop 15 SP6
8.6.0-150600.2.2
fixed
suse enterprise desktop 15 SP7
8.6.0-150600.4.21.1
fixed
suse enterprise sap 12 SP5
7.60.0-11.28.1
fixed
suse enterprise sap 15
7.60.0-25.1
fixed
suse enterprise sap 15 SP1
7.60.0-25.1
fixed
suse enterprise sap 15 SP2
7.66.0-4.27.1
fixed
suse enterprise sap 15 SP3
7.66.0-4.27.1
fixed
suse enterprise sap 15 SP4
7.79.1-150400.3.1
fixed
suse enterprise sap 15 SP5
8.0.1-150400.5.23.1
fixed
suse enterprise sap 15 SP6
8.6.0-150600.2.2
fixed
suse enterprise sap 15 SP7
8.6.0-150600.4.21.1
fixed
suse enterprise server 12 SP3
7.37.0-37.70.1
fixed
suse enterprise server 12 SP4
7.60.0-4.30.1
fixed
suse enterprise server 12 SP5
7.60.0-11.28.1
fixed
suse enterprise server 15
7.60.0-25.1
fixed
suse enterprise server 15 SP1
7.60.0-25.1
fixed
suse enterprise server 15 SP2
7.66.0-4.27.1
fixed
suse enterprise server 15 SP3
7.66.0-4.27.1
fixed
suse enterprise server 15 SP4
7.79.1-150400.3.1
fixed
suse enterprise server 15 SP5
8.0.1-150400.5.23.1
fixed
suse enterprise server 15 SP6
8.6.0-150600.2.2
fixed
suse enterprise server 15 SP7
8.6.0-150600.4.21.1
fixed
libcurl-devel
suse enterprise desktop 15 SP2
7.66.0-4.27.1
fixed
suse enterprise desktop 15 SP3
7.66.0-4.27.1
fixed
suse enterprise desktop 15 SP4
7.79.1-150400.3.1
fixed
suse enterprise desktop 15 SP5
8.0.1-150400.5.23.1
fixed
suse enterprise desktop 15 SP6
8.6.0-150600.2.2
fixed
suse enterprise desktop 15 SP7
8.6.0-150600.4.21.1
fixed
suse enterprise sap 15
7.60.0-25.1
fixed
suse enterprise sap 15 SP1
7.60.0-25.1
fixed
suse enterprise sap 15 SP2
7.66.0-4.27.1
fixed
suse enterprise sap 15 SP3
7.66.0-4.27.1
fixed
suse enterprise sap 15 SP4
7.79.1-150400.3.1
fixed
suse enterprise sap 15 SP5
8.0.1-150400.5.23.1
fixed
suse enterprise sap 15 SP6
8.6.0-150600.2.2
fixed
suse enterprise sap 15 SP7
8.6.0-150600.4.21.1
fixed
suse enterprise server 15
7.60.0-25.1
fixed
suse enterprise server 15 SP1
7.60.0-25.1
fixed
suse enterprise server 15 SP2
7.66.0-4.27.1
fixed
suse enterprise server 15 SP3
7.66.0-4.27.1
fixed
suse enterprise server 15 SP4
7.79.1-150400.3.1
fixed
suse enterprise server 15 SP5
8.0.1-150400.5.23.1
fixed
suse enterprise server 15 SP6
8.6.0-150600.2.2
fixed
suse enterprise server 15 SP7
8.6.0-150600.4.21.1
fixed
libcurl4
suse enterprise desktop 15 SP2
7.66.0-4.27.1
fixed
suse enterprise desktop 15 SP3
7.66.0-4.27.1
fixed
suse enterprise desktop 15 SP4
7.79.1-150400.3.1
fixed
suse enterprise desktop 15 SP5
8.0.1-150400.5.23.1
fixed
suse enterprise desktop 15 SP6
8.6.0-150600.2.2
fixed
suse enterprise desktop 15 SP7
8.6.0-150600.4.21.1
fixed
suse enterprise sap 12 SP5
7.60.0-11.28.1
fixed
suse enterprise sap 15
7.60.0-25.1
fixed
suse enterprise sap 15 SP1
7.60.0-25.1
fixed
suse enterprise sap 15 SP2
7.66.0-4.27.1
fixed
suse enterprise sap 15 SP3
7.66.0-4.27.1
fixed
suse enterprise sap 15 SP4
7.79.1-150400.3.1
fixed
suse enterprise sap 15 SP5
8.0.1-150400.5.23.1
fixed
suse enterprise sap 15 SP6
8.6.0-150600.2.2
fixed
suse enterprise sap 15 SP7
8.6.0-150600.4.21.1
fixed
suse enterprise server 12 SP3
7.37.0-37.70.1
fixed
suse enterprise server 12 SP4
7.60.0-4.30.1
fixed
suse enterprise server 12 SP5
7.60.0-11.28.1
fixed
suse enterprise server 15
7.60.0-25.1
fixed
suse enterprise server 15 SP1
7.60.0-25.1
fixed
suse enterprise server 15 SP2
7.66.0-4.27.1
fixed
suse enterprise server 15 SP3
7.66.0-4.27.1
fixed
suse enterprise server 15 SP4
7.79.1-150400.3.1
fixed
suse enterprise server 15 SP5
8.0.1-150400.5.23.1
fixed
suse enterprise server 15 SP6
8.6.0-150600.2.2
fixed
suse enterprise server 15 SP7
8.6.0-150600.4.21.1
fixed
libcurl4-32bit
suse enterprise desktop 15 SP2
7.66.0-4.27.1
fixed
suse enterprise desktop 15 SP3
7.66.0-4.27.1
fixed
suse enterprise desktop 15 SP4
7.79.1-150400.3.1
fixed
suse enterprise desktop 15 SP5
8.0.1-150400.5.23.1
fixed
suse enterprise desktop 15 SP6
8.6.0-150600.2.2
fixed
suse enterprise desktop 15 SP7
8.6.0-150600.4.21.1
fixed
suse enterprise sap 12 SP5
7.60.0-11.28.1
fixed
suse enterprise sap 15
7.60.0-25.1
fixed
suse enterprise sap 15 SP1
7.60.0-25.1
fixed
suse enterprise sap 15 SP2
7.66.0-4.27.1
fixed
suse enterprise sap 15 SP3
7.66.0-4.27.1
fixed
suse enterprise sap 15 SP4
7.79.1-150400.3.1
fixed
suse enterprise sap 15 SP5
8.0.1-150400.5.23.1
fixed
suse enterprise sap 15 SP6
8.6.0-150600.2.2
fixed
suse enterprise sap 15 SP7
8.6.0-150600.4.21.1
fixed
suse enterprise server 12 SP3
7.37.0-37.70.1
fixed
suse enterprise server 12 SP4
7.60.0-4.30.1
fixed
suse enterprise server 12 SP5
7.60.0-11.28.1
fixed
suse enterprise server 15
7.60.0-25.1
fixed
suse enterprise server 15 SP1
7.60.0-25.1
fixed
suse enterprise server 15 SP2
7.66.0-4.27.1
fixed
suse enterprise server 15 SP3
7.66.0-4.27.1
fixed
suse enterprise server 15 SP4
7.79.1-150400.3.1
fixed
suse enterprise server 15 SP5
8.0.1-150400.5.23.1
fixed
suse enterprise server 15 SP6
8.6.0-150600.2.2
fixed
suse enterprise server 15 SP7
8.6.0-150600.4.21.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
curl
RHEL 8
0:7.61.1-18.el8_4.2
fixed
RHEL 8.2 AUS
0:7.61.1-12.el8_2.4
fixed
RHEL 8.2 E4S
0:7.61.1-12.el8_2.4
fixed
RHEL 8.2 EUS
0:7.61.1-12.el8_2.4
fixed
RHEL 8.2 TUS
0:7.61.1-12.el8_2.4
fixed
RHEL 8.4 AUS
0:7.61.1-18.el8_4.2
fixed
RHEL 8.4 E4S
0:7.61.1-18.el8_4.2
fixed
RHEL 8.4 EUS
0:7.61.1-18.el8_4.2
fixed
RHEL 8.4 TUS
0:7.61.1-18.el8_4.2
fixed
libcurl
RHEL 8
0:7.61.1-18.el8_4.2
fixed
RHEL 8.2 AUS
0:7.61.1-12.el8_2.4
fixed
RHEL 8.2 E4S
0:7.61.1-12.el8_2.4
fixed
RHEL 8.2 EUS
0:7.61.1-12.el8_2.4
fixed
RHEL 8.2 TUS
0:7.61.1-12.el8_2.4
fixed
RHEL 8.4 AUS
0:7.61.1-18.el8_4.2
fixed
RHEL 8.4 E4S
0:7.61.1-18.el8_4.2
fixed
RHEL 8.4 EUS
0:7.61.1-18.el8_4.2
fixed
RHEL 8.4 TUS
0:7.61.1-18.el8_4.2
fixed
libcurl-devel
RHEL 8
0:7.61.1-18.el8_4.2
fixed
RHEL 8.2 AUS
0:7.61.1-12.el8_2.4
fixed
RHEL 8.2 E4S
0:7.61.1-12.el8_2.4
fixed
RHEL 8.2 EUS
0:7.61.1-12.el8_2.4
fixed
RHEL 8.2 TUS
0:7.61.1-12.el8_2.4
fixed
RHEL 8.4 AUS
0:7.61.1-18.el8_4.2
fixed
RHEL 8.4 E4S
0:7.61.1-18.el8_4.2
fixed
RHEL 8.4 EUS
0:7.61.1-18.el8_4.2
fixed
RHEL 8.4 TUS
0:7.61.1-18.el8_4.2
fixed
libcurl-minimal
RHEL 8
0:7.61.1-18.el8_4.2
fixed
RHEL 8.2 AUS
0:7.61.1-12.el8_2.4
fixed
RHEL 8.2 E4S
0:7.61.1-12.el8_2.4
fixed
RHEL 8.2 EUS
0:7.61.1-12.el8_2.4
fixed
RHEL 8.2 TUS
0:7.61.1-12.el8_2.4
fixed
RHEL 8.4 AUS
0:7.61.1-18.el8_4.2
fixed
RHEL 8.4 E4S
0:7.61.1-18.el8_4.2
fixed
RHEL 8.4 EUS
0:7.61.1-18.el8_4.2
fixed
RHEL 8.4 TUS
0:7.61.1-18.el8_4.2
fixed
Common Weakness Enumeration
References
http://seclists.org/fulldisclosure/2022/Mar/29
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://hackerone.com/reports/1334111
https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html
https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/
https://security.gentoo.org/glsa/202212-01
https://security.netapp.com/advisory/ntap-20211029-0003/
https://security.netapp.com/advisory/ntap-20220121-0008/
https://support.apple.com/kb/HT213183
https://www.debian.org/security/2022/dsa-5197
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpujul2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
http://seclists.org/fulldisclosure/2022/Mar/29
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://hackerone.com/reports/1334111
https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html
https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/
https://security.gentoo.org/glsa/202212-01
https://security.netapp.com/advisory/ntap-20211029-0003/
https://security.netapp.com/advisory/ntap-20220121-0008/
https://support.apple.com/kb/HT213183
https://www.debian.org/security/2022/dsa-5197
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpujul2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html